QuestionsWeb LinksClass OutlineClass notes

Question for Discussion: What are the larger lessons we can learn from the breakdown of Jurassic Park?

Readings: Jurassic Park, pp. 271-364;
Apel, Are Risk Assessment and the Precautionary Principle Equivalent?

Video: 60 Minutes--Challenger Disaster Interviews;
Jurassic Park: T-Rex eating the Lawyer

Response Paper: Based on the reading, class discussion, and the web notes, what do you thinkare the five major design flaws in Jurassic Park?Are some flaws more important than others?
(1-2 paper paper due Monday, Sept. 26).


Go to Top of Page

The Study of Engineering Failures

Engineering Failure and Risk Assessment

Causes of Engineering Failures


Go to Top of Page

Jurassic Park as an Example of Engineering Failure


Go to Top of Page


Go to Top of Page

Malcolm Explains Chaos and Jurassic Park Breakdown

"Scientists are actually preoccupied with accomplishment. So they are focused on whether they can do something. They never ask if they should do something. They conveniently defince such considerations as pointless....Discovery is always a rape of the natural world....The scientists want it that way. They have to stick their instruments in. They have to leave their mark. They can't just watch....They can't just fit into the natural order. They have to make something unnatural happen." (284)

"You create new life-forms, about which you know nothing at all. Your Dr. Wu does not even know the names of the things he is creating. He cannot be bothered with such details as what the thing is called, let alone what it is. You create many of them in a very short time, you never learn anything about them, yet you expect them to do your bidding, because you made them and you therefore think you own them; you forget that they are alive, they have an intelligence of their own, and they may not do your bidding, and you forget how little you know about them, how incompetent you are to do the things that you so frivolously call simple. Dear God....
(p. 305-306)
.................................................................

Malcolm on the Fallacy of Science as Control

"But science cannot help us decide what to do with the world, or how to live. Science can make a nuclear reactor, but it cannot tell us not to use it. And our world starts being polluted in fundamental ways-- air, water, and land -- because of ungovernable science....This much is obvious to everyone." (p. 312)

" Ever since Newton and Descartes, science has explicitly offered us the vision of total control. Science has claimed the power to eventually control everything, through its understanding of natural laws. But in the twentieth century, that claim has been shattered beyond repair. And now chaos theory proves that unpredictability is built into our daily lives. It is as mundane as the rainstorm we cannot predict. And so the grand vision of science, hundreds of years old -- the dream of total control --has died, in our century. And with it much of the justification, the rationale for science to do what it does. And for us to listen to it. Science has always said that it may not know everything now but it will know, eventually. But now we see that isn't true. It is an idle boast. As foolish, and as misguided, as the child who jumps off the building because he believes he can fly....We are witnessing the end of the scientfic erea. Science, like other outmoded systems, is destroying itself. As it gains in power, it proves itself incapable of handling the power." (p. 313)

"But you decide that you won't be at the mercy of nature. You decide you'll be in control of nature, and from that moment on you're in deep trouble, because you can't do it. Yet you have made systems that require you to do it. And you can't do it -- and you never have -- and you never will. Don't confuse things. You can make a boat, but you can't make the ocean. You can make an airplane, but you can't make the air. Your powers are much less than your dreams of reason would have you believe." (p. 351)

Risk Assessment vs. the Precautionary Principle

( Are Risk Assessment And The Precautionary Principle Equivalent? )

In the final category are found speculative risks.[16] Sometimes they are called “unknown risks,” or “unknown effects.” They exist in the region that lies beyond scientific knowledge or informed imagination. This is the point where the precautionary principle steps in. According to its Wingspread version, before using a new technology, process, or chemical, or starting a new activity, precautionary measures should be taken. The principle says these measures should be taken even if some cause and effect relationships are not fully established scientifically, but the sole pretext is novelty.

If a risk can’t be hypothesized, it can’t be tested. If it can’t be tested, it can’t be assessed. This means, of course, that the precautionary principle cannot be risk assessment; rather, it’s an assessment in the absence of any demonstrable or hypothetical risk. For this reason, the precautionary principle cannot serve the imperative to maximize benefits.

In fact, it violates the imperative to maximize benefits. The precautionary principle demands precautionary measures whenever unknown risks prove impossible to assess, which of course they always are. There is only one possible precaution to take against the unknown, unassessable risks of innovative benefits, and that is to refuse the benefits.

So, to recap: are the precautionary principle and risk assessment equivalent? No. Risk assessment is a fundamental part of improving quality, be it the quality of products or the quality of life, and plays a central role in the innovation required to maximize benefits. The only virtue of the precautionary principle is the avoidance of risks that are impossible to assess. Its vice is that these risks, which may not even exist, can only be avoided by refusing to improve quality, be it product quality or the quality of life.

Risk Assessment: The Opposite of the Precautionary Principle

"Finally, consider the reasonableness of the reverse of the Wingspread version of the precautionary principle: “When an activity has the potential to benefit human health or the environment, it should be implemented with due caution, knowing that some cause and effect relationships cannot be fully established scientifically. In this context the opponent of the activity, rather than the public, should bear the burden of proof.” Doesn't that sound more reasonable?"

Are Risk Assessment And The Precautionary Principle Equivalent?
by Andrew Apel , June 20, 2002

Challenging Risk Assessment

Already the basis of at least a dozen treaties and laws, including the 1992 United Nations Framework Convention on Climate Change, the precautionary principle holds that, "When an activity raises threats to the environment or human health, precautionary measures should be taken, even if some cause-and-effect relationships are not fully established scientifically. In this context, the proponent of an activity, rather than the public, should bear the burden of proof." (From the 1998 Wingspread Statement.) A recent conference organized by the Science and Environmental Health Network found that "existing environmental regulations and other decisions -- particularly those based on risk assessment -- have failed to adequately protect human health and the environment..."

"A fundamental problem with the U.S. Department of Agriculture's (USDA) proposed federal rule for "certified organic" is that it has been jerryrigged to conform to a flawed environmental regulatory system that is based on risk assessment. The rule would replace a model ecological program with a system that allows essentially anything to be used in agricultural ecosystems unless it is proven unsafe by "scientific" data. The national organic standards as drafted reflects the height of backward thinking."

Risk Assessment vs. the Precautionary Principle
by Frederick Kirschenmann, Ph.D.

Green Guide: Risk Assessment vs. the Precautionary Principle

The risk assessment approach has been used mainly to identify human health effects that may result from exposure to a specified hazard. So assessing the risk associated with a complex global issue like climate change becomes a large complicated task. To calculate all risk involved, risk assessments should thoroughly address the wide-ranging impacts of climate change on our ecosystem, economy and community, which is not possible at this point. A major criticism of risk assessment is that it does not factor in equity between generations, a central part of sustainable development. 133 Another major criticism is that, as a quantitative process, risk assessment ignores completely hazards and risks that cannot be quantified.

Once assessed, the risks are managed by balancing them against benefits. If the benefits outweigh the risks, then present activity continues. Two problems arise, though, with risk/benefit policy. First, those who bear the risks often do not get the benefits. And second, benefits are much better known than the risks. 134 So in other words, because of the uncertainty of risk, one can never be sure how severe the consequences of climate change may be. If we underestimate the future damage of climate change, the cost of taking little or no action in the near term could be substantial.

Risk Assessment vs. Alternative Assessments

This whole notion of a "safe" dose of poison is outdated. Our environment is already overloaded with pollution and any additional amount is unacceptable. The entire "science" of risk assessment fails to account for the complexity of systems and tends to look at one chemical at a time and how it affects healthy adult white males with cancer deaths. It doesn't tend to account for women, children, fetuses, the elderly, those with compromised immune systems, the multiple/additive/cumulative/synergistic effects of exposure to many pollutants, or the number of people who survive cancer or suffer non-cancer effects. There is no science that can handle the complexity of dumping 86,000+ chemicals into the environment and understanding all of the impacts.

In effect, risk assessment is merely a "death assessment" where bureaucrats gets to decide how much of each poison the public can acceptably be exposed to -- usually based on a standard of accepting an additional one in a million deaths from cancer for each permitted exposure to each chemical. As Dr. John Gofman once stated about nuclear power: "Nuclear power is mass, random, premeditated murder." The same could be said of most chemical exposures that are permitted by government-determined "safe" levels based on risk assessments.

Rather than rely on this outdated and unscientific method to control exposure, decisions need to be made through community-based needs assessments and alternatives assessments, where the affected populations can take part in a democratic decision-making process on whether proposed pollution sources are necessary in the first place and whether there are safer alternatives that can be employed. The current risk assessment approach assumes that corporations have a right to expose the public to pollution and that it's just a matter of ensuring that they stay within certain "safe" limits.

Arguing for the Precautionary Principle

Author Sandra Steingraber (see REHW #565) told the Wingspread meeting that the precautionary principle suggests certain kinds of arguments that grass-roots activists might use
at the local level:

1. When toxic chemicals enter our bodies --or the bodies of our children --without our informed consent, it is a toxic trespass. Such a trespass is wrong and almost everyone recognizes that it is wrong.

2. A recent study by the Harvard Center for Cancer Prevention concluded that only 2% of cancer deaths are caused by industrial toxins released into the environment. Steingraber points out that, if we accept such an estimate at face value, this 2% represents the painful deaths of nearly 11,000 individuals each year in the U.S. alone --the annual equivalent of wiping out a small city, thirty funerals every day. And these deaths represent a form of homicide. Such homicides are wrong and almost everyone recognizes that they are wrong.

3. We all have a fundamental human right to enjoy our environment free of fear. Those who put toxics chemicals into the environment -- whether as wastes or as products -- deny us this human right. Almost everyone recognizes that such a denial of human rights is wrong.

The Precautionary Principle Replaces Risk Evaluation by Peter Montague

>"True, the precautionary principle does shift the burden of proof for harmlessness onto the producers of toxic chemicals. Most people readily accept such a shift in the case of the pharmaceutical industry, which must show safety and efficacy before marketing a new drug. The rationale for placing such requirements on the drug corporations was that humans would be directly exposed to drugs, so safety had to be shown and the need for the new drug established. Today we know that all landfills leak, incinerators don't fully destroy toxic chemicals, and humans are therefore exposed to low levels of essentially every industrial chemical released into commercial channels (whether as waste or as product). Therefore, the rationale for U.S. pharmaceuticals policy would logically lead to the conclusion that all industrial chemicals should be treated the same as drugs: the burden of proof of harmlessness (and proof of need) should fall on the producer. "

"Because science is never certain, environmental regulation has attempted to use risk evaluation as a measure of the certainty of environmental damage from a given chemical release. As knowledge of environmental effects of chemicals has grown, risk evaluation has become of less and less value. It is now being replaced by the precautionary principle, i.e., avoid doing harm unless you have scientific certainty that no damage will result. Industry representatives oppose the use of the precautionary principle.

"Because we have allowed scientific uncertainty to postpone controls on dangerous activities, we now have hazardous levels of mercury in most of the nation's fresh-water fish; the Earth's ozone shield has been dangerously depleted; global warming is upon us, with attendant droughts, fires, floods, hurricanes, tornadoes and typhoons; the ocean's major fisheries are in serious decline; the normal sex ratio of male-to-female babies has been changed in numerous industrialized countries, and human sperm counts have declined 50% in 50 years; immune system disorders like asthma and diabetes are steeply rising; many of the world's coral reefs are dying; cancers of the brain, the lymph system, the blood system and the testicles are increasing; cancer in children is escalating; many species have gone extinct.... This list of contemporary calamities could be readily extended.

" But now people are waking up. They are waking up to the fact that scientific uncertainty should be cause for caution, not for plunging ahead recklessly. When flying blind, if you are not sure whether that shape looming just ahead is a cloud or a mountain, slow down. A stitch in time saves nine. If you aren't sure what you're doing, you should proceed slowly and carefully, or perhaps not at all. Better safe than sorry. That is the philosophy of precaution."

Best Example of Purposeful Engineering Failure: Microsoft Windows 3.0, 95, 98, 2000, ME, XP Home and XP Professsional, and Vista Home and Professional

Microsoft designs buggy, incomplete Windows Operating Systems and sells it to users, who instantly complain about the expensive, second-rate product they just bought. Microsoft works to correct these problems, and then sells a newer version of Windows to frustrated customers. However, the more problems Microsoft detects and fixes in Windows, the more problems and glitches it creates. This is a classic example of chaos theory: "Small changes in complex systems can lead to large, unintended results." But does Microsoft fundamentally redesign its Windows Operating System? No. What Microsoft does is sell even more frustrated users an even newer version of Windows, which they promise will solve all the nasty problems of the older versions of Windows. However, newer versions of Windows have new, unexpected problems, which Microsoft then promises to fix. Microsoft Window-Users are the biggest group of Software Failure Engineer Experts. We buy Windows and then determine that the newer version is just as buggy and error-prone as the older version. Why we still put up with this game is anyone's guess. Maybe we are addicted to the Windows Operating System. We believe that just more more fix will get it right.

"Are we really Windows Junkies? Does anyone really believe that the next version of Windows will really fix all its problems and bugs. Microsoft continues to assure us that the answer is to download the latest Windows' Software Patch or you will be sorry. We are all sorry Microsoft Windows Addicts. We continue to pay Microsoft to exploit us as Windows debuggers and testers. Windows-users should rise up and resist. All we have to lose is our "system errors".

Chris Lewis, Ph.D. (2003)

Microsoft Windows as a Car:
If Windows were a Car?

What to do about Engineering Failures:

The key difficulty, Casamayou argues, is that neither group was prepared to understand and act upon warning events involving items considered tangential in routine organizational scanning. Presuming good luck in the past dictated the future, NASA shuttle managers downplayed the importance of frequent erosion in an O-ring sealing hot gases from the fuel tanks. NASA managers even developed an "erosion standard" by which to justify ignoring corrosion in something never meant to corrode. Similarly, NRC regulators so strongly believed in the robustness of their technology that only large failures or big leaks were given attention. Operator responses to small leak loss-of-coolant accidents (LOCAs) were not part of the licensing process prior to the small leak LOCA at Three Mile Island. Operator failures in general were not seen as an industry-wide difficulty or even characteristic of a particular make of nuclear reactors; they were left to the purview of the industry. As a result, while the data was in-house and the external audiences were not overly interfering, the organization misperceived the information and failed to avert the accidents.

"If major accidents are necessary to shake the automatic presumptions and established scanning parameters of large-scale technology-dependent organizations, what then for the policy community to do? What publically legitimate mechanisms exist to substitute or minimize costs, or conceivably direct for maximum benefit, the probably inevitable organizational failures, other than to abandon the technology? Casamayou offers no answer but provides an interesting addition to the literature."
Chris DemChuk
Student list of breakdowns similar to the breakdown of Jurassic Park:

1.Challenger Explosion

2. Chernobyl Explosion

3. TWA 800 Explosion

4. Three Mile Island Accident

5.American Online Internet Breakdown for AOL Subscribers

6. Apollo 13 Accident

7. Titanic Sinking

8. Peruvian Jetliner that crashed in Summer 1996

9. Vaccines given to American Soldiers in Desert Storm

10. Valujet Florida crash in Summer 1996

11. New York City Power 1995 Power outage

12. Mysterious Power outage in the Western States
in 1995

13. Mysterious Power outage in the Eastern States in 2003

14. Space Shuttle Columbia Disaster (2003)

All of these accidents are, indeed, similar to the breakdown of Jurassic Park. In each case, they were caused by human overestimating their understanding of the environment, their technology to control the environment, and their ability to predict and prevent loss of control. Let's look at one of these disasters in detail to see what are some of the larger mistakes that they might share in common.

Looking at the "60 minutes" expose on the Challenger explosion, what are the major causes of the disaster?

1) The cold weather.

2. The President for pressuring for launch.

3) NASA for not accepting the engineers' warnings.

4. Morton Thiokol for refusing to accept the engineers'
warnings.

5. The engineers for not going public with their warnings
about the dangers.

6. The astronauts for being anxious to get into space.

7. The media for pressuring NASA to launch.

8. The public for pressuring NASA to launch a teacher into space.

9. NASA for worrying about how a delay would affect their Budget.

10. The families for not demanding that it was unsafe to
launch in such cold weather. Many families had discussed their concerns with the astronauts.

Compare the major causes of the Challenger Disaster with the causes of the breakdown at Jurassic Park:

1. The stormy weather.

2. Ingen's desire to quickly open the park and make money.

3. Hammond's desire to quickly open the park.

4. The Dinosaurs' desire to escape the control of the
park staff.

5. The Engineer's failure to understand the nature of the
DNA they were using to recreate dinosaurs.

6. The public for wanting to be entertained by real
dinosaurs in zoos.

7. The media for wanting to advertise and sell dinosaur
parks and products.

8. The scientists who failed to voice their concerns loud enough about the problems involved in controlling dinosaurs.

9.The park's over-reliance on computers to run the park, and on a few computer programmers to know how the computers controlled the park.

10. Biosyn, and other competing corporations, who were trying to beat Ingen to mass-producing dinosaurs and other "consumer biologicals."

What do the Challenger Explosion and the breakdown of Jurassic Park have in common:

1) They are the result of multiple, interdependent causes.
They don't have single, simple direct causes.

2) They are caused by modern industrial society's
acceptance of risk as a necessary part of life, despite
the fact that such risks often have dangerous, unpredictable outcomes.

3)They are caused by the desire to quickly develop technology and get it to the market before it is completely tested and understood.

4) They are caused by the desire to make profits or protect existing profits or funds.

5). They are caused by the failure of engineers and designers to understand the limits of our scientific knowledge and our ability to build and predict the performance of technology.

6). They are caused by political conflict and struggles
for dominance and control.

7). They are caused by public pressure for new
advances and the desire to acquire the latest
technology.

8). They are caused by the failure of scientists to properly understand the limits of their knowledge and inform the larger society about the consequences of their limited knowledge and limited ability to control and predict events in the larger natural world.

9). They are caused by the human obsession to defy nature, challenge the limits of nature and technology, and impose their control on the Earth.

10). They are caused by our failure to properly assess the long-term costs of developing science and technology given our limited knowledge and control of complex systems.

The global environmental crisis is the result of the same multiple causes that led to the Challenger explosion and the breakdown of Jurassic Park. The crisis is expanding, accelerating, and getting worse because, like Hammond, modern, industrial civilization insists on believing that we will very shortly completely understand the global environment, know how to use science and technology to control and predict the environment, and understand the short- and long-term costs of our actions. The breakdown at Jurassic Park is a serious warning that these assumptions are often wrong, and the results can be catastrophic. But how do we change our assumptions. If every time we witness a major technological breakdown, we deny there is a larger problem and keep hoping that next time we will know what we're doing we won't learn the larger lesson from the breakdown of Jurassic Park. There are unpredictable risks that lead to unacceptable catastrophes and death that should limit our development of science and technology, our efforts to use technology to control and predict complex systems, and limit our unbounded faith in the power of human reason and will to control the Earth. Until we accept this larger lesson, we will continue to have dangerous technological breakdowns and face growing global environmental problems.

The Precautionary Principle in Environmental Science: Conclusions and Recommendations

It is important to clearly distinguish between the development of scientific information about an issue and the setting of policy, but in practice, there is not always an unambiguous demarcation. Policy makers set agendas that determine the questions asked of scientists; scientists formulate hypotheses in ways limited by their tools and their imaginations; thus, the information they provide to the policy makers is limited and to a degree socially determined. There is a complicated feedback relation between the discoveries of science and the setting of policy. While maintaining their objectivity and focus on understanding the world, environmental scientists should be aware of the policy uses of their work and of their social responsibility to do science that protects human health and the environment (14). The precautionary principle highlights this tight, problematic linkage between science and policy, which can be summarized in the following seven points:

1. Scientific studies can tell us something about the costs, risks, and benefits of a proposed action, but there will always be value judgments that require political decisions.

2. The scientific data used for making policy will nearly always be limited by uncertainty. Even the best theory and data will leave much that is not known about estimates of risks, benefits, or costs.

3. In conducting their research, scientists must make assumptions, choices, and inferences based on professional judgment and standard practices, that if not known by the public or policy makers, may make scientific results appear to be more certain and less value laden than is warranted.

4. Although there are some situations in which risks clearly exceed benefits no matter whose values are being considered, there is usually a large gray area in which science alone cannot (and should not) be used to decide policy.

5. In these gray areas, status quo activities that potentially threaten human and environmental health are often allowed to continue because the norms of traditional science demand high confidence in order to reject null hypotheses, and so detect harmful effects.

6. This scientific conservatism is often interpreted as favoring the promoters of a potentially harmful technology or activity when the science does not produce overwhelming evidence of harm.

7. The precautionary principle, then, is meant to ensure that the public good is represented in all decisions made under scientific uncertainty. When there is substantial scientific uncertainty about the risks and benefits of a proposed activity, policy decisions should be made in a way that errs on the side of caution with respect to the environment and the health of the public.

The Precautionary Principle in Environmental Science

 


 | Home Page  | Readings  | Web Resources | Syllabus  | Top of Page |

   Number of Visitors to this site:  12037                   by Chris H. Lewis, Ph.D.

© 2000 by Chris H.  Lewis, Ph.D.
Sewall Academic Program; University of Colorado at Boulder
Created 1 June 2000:  Last Modified: 23 September, 2011
E-mail: cclewis@spot.colorado.edu
URL:    http://www.colorado.edu/AmStudies/lewis/ecology/index.htm